Security Bulletin: IBM API Connect V2018 (ova) is vulnerable to denial of service (CVE-2020-8551, CVE-2020-8552)

Summary IBM API Connect has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2020-8551 DESCRIPTION: Kubernetes kubelet API is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request, a remote attacker could exploit th...

CVE-2020-4195

CVE-2020-4195 affects IBM API Connect: API Connect V2018.4.1.0–2018.4.1.10 vulnerable to clickjacking via a malicious website, enabling a remote actor to hijack the user’s click actions. The IBM security bulletin confirms remediation in V2018.4.1.11 (addressed) and provides the upgrade path (2018...

Security Bulletin: IBM API Connect is impacted by an unspecified vulnerability in Java (CVE-2020-2604)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2020-2604 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker to take control of the system. CVSS Base score: 8.1 CVSS Temporal Score: See:...